Always, the first impulse is to blame WordPress. And, I'm not saying it's blameless. But the article does mention that it doesn't appear the "hole" originated with WordPress. Sites on certain hosts are infected. So far my WP sites are OK. I'm on a VPS.
Also, there are reports that sites other than those on the WP platform are being infected. At the risk of violating the WebmasterWorld TOS, this site purports to have a cleanup: